密码校验

Captain.B 2020-02-27 15:09:01 +08:00
parent da2513e038
commit cf828f87b2
5 changed files with 179 additions and 55 deletions


@ -9,7 +9,7 @@ public class User implements Serializable {
private String email;
private String phone;
private String password;
private String status;
@ -23,6 +23,8 @@ public class User implements Serializable {
private String lastOrganizationId;
private String phone;
private static final long serialVersionUID = 1L;
public String getId() {
@ -49,12 +51,12 @@ public class User implements Serializable {
this.email = email == null ? null : email.trim();
}
public String getPhone() {
return phone;
public String getPassword() {
return password;
}
public void setPhone(String phone) {
this.phone = phone == null ? null : phone.trim();
public void setPassword(String password) {
this.password = password == null ? null : password.trim();
}
public String getStatus() {
@ -104,4 +106,12 @@ public class User implements Serializable {
public void setLastOrganizationId(String lastOrganizationId) {
this.lastOrganizationId = lastOrganizationId == null ? null : lastOrganizationId.trim();
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone == null ? null : phone.trim();
}
}


@ -314,73 +314,73 @@ public class UserExample {
return (Criteria) this;
}
public Criteria andPhoneIsNull() {
addCriterion("phone is null");
public Criteria andPasswordIsNull() {
addCriterion("password is null");
return (Criteria) this;
}
public Criteria andPhoneIsNotNull() {
addCriterion("phone is not null");
public Criteria andPasswordIsNotNull() {
addCriterion("password is not null");
return (Criteria) this;
}
public Criteria andPhoneEqualTo(String value) {
addCriterion("phone =", value, "phone");
public Criteria andPasswordEqualTo(String value) {
addCriterion("password =", value, "password");
return (Criteria) this;
}
public Criteria andPhoneNotEqualTo(String value) {
addCriterion("phone <>", value, "phone");
public Criteria andPasswordNotEqualTo(String value) {
addCriterion("password <>", value, "password");
return (Criteria) this;
}
public Criteria andPhoneGreaterThan(String value) {
addCriterion("phone >", value, "phone");
public Criteria andPasswordGreaterThan(String value) {
addCriterion("password >", value, "password");
return (Criteria) this;
}
public Criteria andPhoneGreaterThanOrEqualTo(String value) {
addCriterion("phone >=", value, "phone");
public Criteria andPasswordGreaterThanOrEqualTo(String value) {
addCriterion("password >=", value, "password");
return (Criteria) this;
}
public Criteria andPhoneLessThan(String value) {
addCriterion("phone <", value, "phone");
public Criteria andPasswordLessThan(String value) {
addCriterion("password <", value, "password");
return (Criteria) this;
}
public Criteria andPhoneLessThanOrEqualTo(String value) {
addCriterion("phone <=", value, "phone");
public Criteria andPasswordLessThanOrEqualTo(String value) {
addCriterion("password <=", value, "password");
return (Criteria) this;
}
public Criteria andPhoneLike(String value) {
addCriterion("phone like", value, "phone");
public Criteria andPasswordLike(String value) {
addCriterion("password like", value, "password");
return (Criteria) this;
}
public Criteria andPhoneNotLike(String value) {
addCriterion("phone not like", value, "phone");
public Criteria andPasswordNotLike(String value) {
addCriterion("password not like", value, "password");
return (Criteria) this;
}
public Criteria andPhoneIn(List<String> values) {
addCriterion("phone in", values, "phone");
public Criteria andPasswordIn(List<String> values) {
addCriterion("password in", values, "password");
return (Criteria) this;
}
public Criteria andPhoneNotIn(List<String> values) {
addCriterion("phone not in", values, "phone");
public Criteria andPasswordNotIn(List<String> values) {
addCriterion("password not in", values, "password");
return (Criteria) this;
}
public Criteria andPhoneBetween(String value1, String value2) {
addCriterion("phone between", value1, value2, "phone");
public Criteria andPasswordBetween(String value1, String value2) {
addCriterion("password between", value1, value2, "password");
return (Criteria) this;
}
public Criteria andPhoneNotBetween(String value1, String value2) {
addCriterion("phone not between", value1, value2, "phone");
public Criteria andPasswordNotBetween(String value1, String value2) {
addCriterion("password not between", value1, value2, "password");
return (Criteria) this;
}
@ -783,6 +783,76 @@ public class UserExample {
addCriterion("last_organization_id not between", value1, value2, "lastOrganizationId");
return (Criteria) this;
}
public Criteria andPhoneIsNull() {
addCriterion("phone is null");
return (Criteria) this;
}
public Criteria andPhoneIsNotNull() {
addCriterion("phone is not null");
return (Criteria) this;
}
public Criteria andPhoneEqualTo(String value) {
addCriterion("phone =", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneNotEqualTo(String value) {
addCriterion("phone <>", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneGreaterThan(String value) {
addCriterion("phone >", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneGreaterThanOrEqualTo(String value) {
addCriterion("phone >=", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneLessThan(String value) {
addCriterion("phone <", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneLessThanOrEqualTo(String value) {
addCriterion("phone <=", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneLike(String value) {
addCriterion("phone like", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneNotLike(String value) {
addCriterion("phone not like", value, "phone");
return (Criteria) this;
}
public Criteria andPhoneIn(List<String> values) {
addCriterion("phone in", values, "phone");
return (Criteria) this;
}
public Criteria andPhoneNotIn(List<String> values) {
addCriterion("phone not in", values, "phone");
return (Criteria) this;
}
public Criteria andPhoneBetween(String value1, String value2) {
addCriterion("phone between", value1, value2, "phone");
return (Criteria) this;
}
public Criteria andPhoneNotBetween(String value1, String value2) {
addCriterion("phone not between", value1, value2, "phone");
return (Criteria) this;
}
}
public static class Criteria extends GeneratedCriteria {


@ -5,13 +5,14 @@
<id column="id" jdbcType="VARCHAR" property="id" />
<result column="name" jdbcType="VARCHAR" property="name" />
<result column="email" jdbcType="VARCHAR" property="email" />
<result column="phone" jdbcType="VARCHAR" property="phone" />
<result column="password" jdbcType="VARCHAR" property="password" />
<result column="status" jdbcType="VARCHAR" property="status" />
<result column="create_time" jdbcType="BIGINT" property="createTime" />
<result column="update_time" jdbcType="BIGINT" property="updateTime" />
<result column="language" jdbcType="VARCHAR" property="language" />
<result column="last_workspace_id" jdbcType="VARCHAR" property="lastWorkspaceId" />
<result column="last_organization_id" jdbcType="VARCHAR" property="lastOrganizationId" />
<result column="phone" jdbcType="VARCHAR" property="phone" />
</resultMap>
<sql id="Example_Where_Clause">
<where>
@ -72,8 +73,8 @@
</where>
</sql>
<sql id="Base_Column_List">
id, name, email, phone, status, create_time, update_time, language, last_workspace_id,
last_organization_id
id, name, email, password, status, create_time, update_time, language, last_workspace_id,
last_organization_id, phone
</sql>
<select id="selectByExample" parameterType="io.metersphere.base.domain.UserExample" resultMap="BaseResultMap">
select
@ -107,13 +108,13 @@
</delete>
<insert id="insert" parameterType="io.metersphere.base.domain.User">
insert into user (id, name, email,
phone, status, create_time,
password, status, create_time,
update_time, language, last_workspace_id,
last_organization_id)
last_organization_id, phone)
values (#{id,jdbcType=VARCHAR}, #{name,jdbcType=VARCHAR}, #{email,jdbcType=VARCHAR},
#{phone,jdbcType=VARCHAR}, #{status,jdbcType=VARCHAR}, #{createTime,jdbcType=BIGINT},
#{password,jdbcType=VARCHAR}, #{status,jdbcType=VARCHAR}, #{createTime,jdbcType=BIGINT},
#{updateTime,jdbcType=BIGINT}, #{language,jdbcType=VARCHAR}, #{lastWorkspaceId,jdbcType=VARCHAR},
#{lastOrganizationId,jdbcType=VARCHAR})
#{lastOrganizationId,jdbcType=VARCHAR}, #{phone,jdbcType=VARCHAR})
</insert>
<insert id="insertSelective" parameterType="io.metersphere.base.domain.User">
insert into user
@ -127,8 +128,8 @@
<if test="email != null">
email,
</if>
<if test="phone != null">
phone,
<if test="password != null">
password,
</if>
<if test="status != null">
status,
@ -148,6 +149,9 @@
<if test="lastOrganizationId != null">
last_organization_id,
</if>
<if test="phone != null">
phone,
</if>
</trim>
<trim prefix="values (" suffix=")" suffixOverrides=",">
<if test="id != null">
@ -159,8 +163,8 @@
<if test="email != null">
#{email,jdbcType=VARCHAR},
</if>
<if test="phone != null">
#{phone,jdbcType=VARCHAR},
<if test="password != null">
#{password,jdbcType=VARCHAR},
</if>
<if test="status != null">
#{status,jdbcType=VARCHAR},
@ -180,6 +184,9 @@
<if test="lastOrganizationId != null">
#{lastOrganizationId,jdbcType=VARCHAR},
</if>
<if test="phone != null">
#{phone,jdbcType=VARCHAR},
</if>
</trim>
</insert>
<select id="countByExample" parameterType="io.metersphere.base.domain.UserExample" resultType="java.lang.Long">
@ -200,8 +207,8 @@
<if test="record.email != null">
email = #{record.email,jdbcType=VARCHAR},
</if>
<if test="record.phone != null">
phone = #{record.phone,jdbcType=VARCHAR},
<if test="record.password != null">
password = #{record.password,jdbcType=VARCHAR},
</if>
<if test="record.status != null">
status = #{record.status,jdbcType=VARCHAR},
@ -221,6 +228,9 @@
<if test="record.lastOrganizationId != null">
last_organization_id = #{record.lastOrganizationId,jdbcType=VARCHAR},
</if>
<if test="record.phone != null">
phone = #{record.phone,jdbcType=VARCHAR},
</if>
</set>
<if test="_parameter != null">
<include refid="Update_By_Example_Where_Clause" />
@ -231,13 +241,14 @@
set id = #{record.id,jdbcType=VARCHAR},
name = #{record.name,jdbcType=VARCHAR},
email = #{record.email,jdbcType=VARCHAR},
phone = #{record.phone,jdbcType=VARCHAR},
password = #{record.password,jdbcType=VARCHAR},
status = #{record.status,jdbcType=VARCHAR},
create_time = #{record.createTime,jdbcType=BIGINT},
update_time = #{record.updateTime,jdbcType=BIGINT},
language = #{record.language,jdbcType=VARCHAR},
last_workspace_id = #{record.lastWorkspaceId,jdbcType=VARCHAR},
last_organization_id = #{record.lastOrganizationId,jdbcType=VARCHAR}
last_organization_id = #{record.lastOrganizationId,jdbcType=VARCHAR},
phone = #{record.phone,jdbcType=VARCHAR}
<if test="_parameter != null">
<include refid="Update_By_Example_Where_Clause" />
</if>
@ -251,8 +262,8 @@
<if test="email != null">
email = #{email,jdbcType=VARCHAR},
</if>
<if test="phone != null">
phone = #{phone,jdbcType=VARCHAR},
<if test="password != null">
password = #{password,jdbcType=VARCHAR},
</if>
<if test="status != null">
status = #{status,jdbcType=VARCHAR},
@ -272,6 +283,9 @@
<if test="lastOrganizationId != null">
last_organization_id = #{lastOrganizationId,jdbcType=VARCHAR},
</if>
<if test="phone != null">
phone = #{phone,jdbcType=VARCHAR},
</if>
</set>
where id = #{id,jdbcType=VARCHAR}
</update>
@ -279,13 +293,14 @@
update user
set name = #{name,jdbcType=VARCHAR},
email = #{email,jdbcType=VARCHAR},
phone = #{phone,jdbcType=VARCHAR},
password = #{password,jdbcType=VARCHAR},
status = #{status,jdbcType=VARCHAR},
create_time = #{createTime,jdbcType=BIGINT},
update_time = #{updateTime,jdbcType=BIGINT},
language = #{language,jdbcType=VARCHAR},
last_workspace_id = #{lastWorkspaceId,jdbcType=VARCHAR},
last_organization_id = #{lastOrganizationId,jdbcType=VARCHAR}
last_organization_id = #{lastOrganizationId,jdbcType=VARCHAR},
phone = #{phone,jdbcType=VARCHAR}
where id = #{id,jdbcType=VARCHAR}
</update>
</mapper>


@ -6,6 +6,7 @@ import io.metersphere.dto.UserDTO;
import io.metersphere.service.UserService;
import io.metersphere.user.SessionUser;
import io.metersphere.user.SessionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
@ -13,6 +14,7 @@ import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import javax.annotation.Resource;
import java.util.Set;
@ -34,11 +36,15 @@ public class ShiroDBRealm extends AuthorizingRealm {
@Resource
private UserService userService;
@Value("${run.mode:release}")
private String runMode;
/**
* 权限认证
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String userName = (String) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
@ -65,8 +71,17 @@ public class ShiroDBRealm extends AuthorizingRealm {
logger.warn(msg);
throw new UnknownAccountException(msg);
}
// TODO 密码验证
// local test
if (StringUtils.equals("local", runMode)) {
SessionUser sessionUser = SessionUser.fromUser(user);
SessionUtils.putUser(sessionUser);
return new SimpleAuthenticationInfo(userId, password, getName());
}
// 密码验证
if (!userService.checkUserPassword(userId, password)) {
throw new IncorrectCredentialsException("The password is incorrect");
}
//
SessionUser sessionUser = SessionUser.fromUser(user);
SessionUtils.putUser(sessionUser);
return new SimpleAuthenticationInfo(userId, password, getName());
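Review bot: The `if (StringUtils.equals("local", runMode))` branch returns a successful `SimpleAuthenticationInfo` without calling `checkUserPassword`, so any instance started with `run.mode=local` accepts every password for every existing user id. A test convenience like this is safer outside the production realm, for example in a separate realm bean registered only under a development profile; if it stays, make it visible with `logger.warn("run.mode=local: password verification is disabled");` and document the property. Separately, `SessionUser.fromUser(user)` is not shown on this page; if it copies every field, the session object now carries the stored password hash, so clearing that field before `SessionUtils.putUser` is worth checking. The enclosing method starts before this hunk and continues after it.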


@ -5,6 +5,7 @@ import io.metersphere.base.mapper.*;
import io.metersphere.base.mapper.ext.ExtUserRoleMapper;
import io.metersphere.commons.constants.RoleConstants;
import io.metersphere.commons.exception.MSException;
import io.metersphere.commons.utils.CodingUtil;
import io.metersphere.controller.request.member.AddMemberRequest;
import io.metersphere.controller.request.member.QueryMemberRequest;
import io.metersphere.controller.request.organization.AddOrgMemberRequest;
@ -19,6 +20,7 @@ import org.springframework.beans.BeanUtils;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.CollectionUtils;
import javax.annotation.Resource;
import java.util.*;
import java.util.stream.Collectors;
@ -219,7 +221,7 @@ public class UserService {
return resultList;
}
public void switchUserRole(UserDTO user,String sign,String sourceId) {
public void switchUserRole(UserDTO user, String sign, String sourceId) {
User newUser = new User();
if (StringUtils.equals("organization", sign)) {
user.setLastOrganizationId(sourceId);
@ -292,4 +294,16 @@ public class UserService {
public List<User> getOrgMemberList(QueryOrgMemberRequest request) {
return extUserRoleMapper.getOrgMemberList(request);
}
public boolean checkUserPassword(String userId, String password) {
if (StringUtils.isBlank(userId)) {
MSException.throwException("Username cannot be null");
}
if (StringUtils.isBlank(password)) {
MSException.throwException("Password cannot be null");
}
UserExample example = new UserExample();
example.createCriteria().andIdEqualTo(userId).andPasswordEqualTo(CodingUtil.md5(password));
return userMapper.countByExample(example) > 0;
}
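Review bot: `checkUserPassword` matches `CodingUtil.md5(password)` against the stored column, and assuming `CodingUtil.md5` (not shown here) is a plain unsalted MD5, that is a fast hash unsuitable for password storage. A salted, adaptive scheme verified in Java rather than in the WHERE clause would be safer: with a Shiro `PasswordService` injected as `passwordService` and the criteria reduced to `andIdEqualTo(userId)`, use `List<User> users = userMapper.selectByExample(example);` followed by `return !users.isEmpty() && passwordService.passwordsMatch(password, users.get(0).getPassword());`. Existing MD5 values would need a rehash-on-login migration. The method also lacks Javadoc; a short one stating that blank input is rejected through `MSException.throwException` and that a mismatch returns false would help callers.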
}